Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
reddy_vam
Starting Member
43 Posts |
 Posted - 2008-12-01 : 15:51:44
|
| Hi,I need assistance in writing a script which incldes following things1. Type of backups using for all databases2. Need to check whether system databases are include in backup plan or not3. Access to Backup files---Restrict restore permissions to DBAs and db_owners.4. replication agent runs under SQL Server Agent account5. Prevent SQL injection by validating all user input before transmitting it to the server.6. Check the Audit level in SQL ServerThanks,Vamshi |
|
|
GilaMonster
Master Smack Fu Yak Hacker
4507 Posts |
Posted - 2008-12-02 : 03:57:29
|
| Is this homework? Interview questions?The questions are mostly unrelated to each other...1) Types of backups depend on your availability and data loss requirements. There's not a generic one for any DB. Find out from your manager what's the maximum allowable downtime and how much data loss is considered 'acceptable' in the case of a disaster. You then need to set up a backup strategy that will let you restore completely in the time allowed while adhering to the data loss rules. It will require testing. You need to know how long backups take and how long restores take.3) Backup files are in the NTFS file system and hence are covered by NTFS security, not SQL security.5) Don't run any ad-hoc code from the front end. Call stored procedures, parameterise the calls and don't have dynamic SQL in the procedures. If you do that, you will not have a SQL injection vulnerability and won't need to validate input.6) Audit level?--Gail ShawSQL Server MVP |
 |
|
|
|
|
|
Backup and Disaster Recovery Procedures